乐胖代购免代理版

{"id":"https://openalex.org/W4403007181","doi":"https://doi.org/10.48550/arxiv.2408.10647","title":"Privacy-preserving Universal Adversarial Defense for Black-box Models","display_name":"Privacy-preserving Universal Adversarial Defense for Black-box Models","publication_year":2024,"publication_date":"2024-08-20","ids":{"openalex":"https://openalex.org/W4403007181","doi":"https://doi.org/10.48550/arxiv.2408.10647"},"language":"en","primary_location":{"is_oa":true,"landing_page_url":"http://arxiv.org/abs/2408.10647","pdf_url":"http://arxiv.org/pdf/2408.10647","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false},"type":"preprint","type_crossref":"posted-content","indexed_in":["arxiv"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://arxiv.org/pdf/2408.10647","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048476370","display_name":"Q. Li","orcid":"https://orcid.org/0000-0002-3694-8237"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Li, Qiao","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103222723","display_name":"Cong Wu","orcid":"https://orcid.org/0000-0003-3501-9249"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wu, Cong","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100394917","display_name":"Jing Chen","orcid":"https://orcid.org/0000-0002-7212-5297"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chen, Jing","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100764716","display_name":"Zijun Zhang","orcid":"https://orcid.org/0000-0003-2016-8014"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhang, Zijun","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033526822","display_name":"Kun He","orcid":"https://orcid.org/0000-0001-7627-4604"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"He, Kun","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100529319","display_name":"Ruiying Du","orcid":"https://orcid.org/0000-0002-3634-3385"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Du, Ruiying","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074446914","display_name":"Xinxin Wang","orcid":"https://orcid.org/0000-0003-3785-9874"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wang, Xinxin","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113411194","display_name":"Qingchuang Zhao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhao, Qingchuang","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5043043179","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0003-0637-9229"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Liu, Yang","raw_affiliation_strings":[],"affiliations":[]}],"institution_assertions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.0,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":0,"max":84},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9996,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9996,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9345,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9211,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.77203786}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.81057876},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.77203786},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5531897},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.52302706},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.40937874},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.25580996}],"mesh":[],"locations_count":1,"locations":[{"is_oa":true,"landing_page_url":"http://arxiv.org/abs/2408.10647","pdf_url":"http://arxiv.org/pdf/2408.10647","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"http://arxiv.org/abs/2408.10647","pdf_url":"http://arxiv.org/pdf/2408.10647","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false},"sustainable_development_goals":[],"grants":[],"datasets":[],"versions":[],"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W4246396837","https://openalex.org/W3191453585","https://openalex.org/W3126451824","https://openalex.org/W3037859390","https://openalex.org/W3009622996","https://openalex.org/W2748952813","https://openalex.org/W2502115930","https://openalex.org/W2482350142","https://openalex.org/W1561927205"],"abstract_inverted_index":{"Deep":[0],"neural":[1],"networks":[2],"(DNNs)":[3],"are":[4],"increasingly":[5],"used":[6],"in":[7],"critical":[8],"applications":[9],"such":[10,67],"as":[11,59],"identity":[12],"authentication":[13],"and":[14,145,168,205],"autonomous":[15],"driving,":[16],"where":[17],"robustness":[18],"against":[19,81,152],"adversarial":[20,85,157],"attacks":[21,25],"is":[22],"crucial.":[23],"These":[24],"can":[26],"exploit":[27],"minor":[28],"perturbations":[29],"to":[30,38,51,65,76,104],"cause":[31],"significant":[32],"prediction":[33],"errors,":[34],"making":[35],"it":[36,120],"essential":[37],"enhance":[39,133],"the":[40,105,115,162,166,172,195,207],"resilience":[41],"of":[42,84,156,165,174,197,210],"DNNs.":[43],"Traditional":[44],"defense":[45,73,80,97,140,151],"methods":[46,74],"often":[47],"rely":[48],"on":[49,142,178],"access":[50,103],"detailed":[52],"model":[53,60,117,136],"information,":[54],"which":[55],"raises":[56],"privacy":[57,204],"concerns,":[58],"owners":[61],"may":[62],"be":[63],"reluctant":[64],"share":[66],"data.":[68],"In":[69],"contrast,":[70],"existing":[71,189],"black-box":[72,96,190],"fail":[75],"offer":[77],"a":[78,94,124,138,153],"universal":[79,95],"various":[82],"types":[83],"attacks.":[86,158,213],"To":[87],"address":[88],"these":[89],"challenges,":[90],"we":[91],"introduce":[92],"DUCD,":[93],"method":[98],"that":[99,184],"does":[100],"not":[101,186],"require":[102],"target":[106,116,169],"model's":[107],"parameters":[108],"or":[109],"architecture.":[110],"Our":[111],"approach":[112],"involves":[113],"distilling":[114],"by":[118],"querying":[119],"with":[121],"data,":[122],"creating":[123],"white-box":[125,198],"surrogate":[126,135,167],"while":[127,201],"preserving":[128],"data":[129,203],"privacy.":[130],"We":[131],"further":[132],"this":[134],"using":[137],"certified":[139,163],"based":[141],"randomized":[143],"smoothing":[144],"optimized":[146],"noise":[147],"selection,":[148],"enabling":[149],"robust":[150],"broad":[154],"range":[155],"Comparative":[159],"evaluations":[160],"between":[161],"defenses":[164,191],"models":[170],"demonstrate":[171],"effectiveness":[173],"our":[175],"approach.":[176],"Experiments":[177],"multiple":[179],"image":[180],"classification":[181],"datasets":[182],"show":[183],"DUCD":[185],"only":[187],"outperforms":[188],"but":[192],"also":[193],"matches":[194],"accuracy":[196],"defenses,":[199],"all":[200],"enhancing":[202],"reducing":[206],"success":[208],"rate":[209],"membership":[211],"inference":[212]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4403007181","counts_by_year":[],"updated_date":"2024-12-09T21:33:48.749298","created_date":"2024-10-01"}